Application Allow Lists aligned with CIS Controls

I would like Syncro to add more alignment to security frameworks out of the box. I typically use CIS Controls, so I’ll refer to them (v8) below.

I would like a built-in ability to monitor for non-approved software based on a list we create in Syncro. If an unauthorized application is on a machine, it generates whatever we want, an alert, ticket, sms, whatever. (CIS2.1, 2.3, 2.4, 2.5)

Also, the ability to check for supported versions of applications (w/o having to get a 3rd party vuln management agent tool) (CIS2.2)

And finally, script controls. Add version controls to scripts, or a system to manage script versions over time, as well as have tighter controls on who ran a script, on what machine, and when. This would include the option for an alert to fire when a specified script is run on a machine, and if we want, to notify if a new script is created (or existing one edited) (CIS2.7)

The platform is so close to having these already, with the alerts there, reports are there, installed apps on assets are there, just put them together in some ways that add more value and save time having to look at assets manually and figure this stuff out.

1 Like